Tips-Of-Mine/PowerHuntShares
Tips-Of-Mine/PowerHuntShares
2
0
Fork 0
mirror of https://github.com/NetSPI/PowerHuntShares.git synced 2025-05-05 03:38:42 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update PowerHuntShares.psm1

Browse Source 
Added folder group counts (directory list hashes)  to the "Top Share Names" summary dashboard to better understand the distribution of unique folder lists.
This commit is contained in:
Scott Sutherland 2024-06-01 13:39:59 -05:00 committed by GitHub
parent ca978b6579
commit 16543b558d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
PowerHuntShares.psm1
View File

@ -4,7 +4,7 @@
#-------------------------------------- #--------------------------------------
# Author: Scott Sutherland, 2024 NetSPI # Author: Scott Sutherland, 2024 NetSPI
# License: 3-clause BSD # License: 3-clause BSD
# Version: v1.36 # Version: v1.37
# References: This script includes custom code and code taken and modified from the open source projects PowerView, Invoke-Ping, and Invoke-Parrell. # References: This script includes custom code and code taken and modified from the open source projects PowerView, Invoke-Ping, and Invoke-Parrell.
function Invoke-HuntSMBShares function Invoke-HuntSMBShares
{ {
@ -37,7 +37,7 @@ function Invoke-HuntSMBShares
o Enumerate SMB shares o Enumerate SMB shares
o Enumerate SMB share permissions o Enumerate SMB share permissions
o Identify shares with potentially excessive privileges o Identify shares with potentially excessive privileges
o Identify shares that provide reads & write access o Identify shares that provide read or write access
o Identify shares thare are high risk o Identify shares thare are high risk
o Identify common share owners, names, & directory listings o Identify common share owners, names, & directory listings
o Generate last written & last accessed timelines o Generate last written & last accessed timelines
@ -224,7 +224,7 @@ function Invoke-HuntSMBShares
Write-Output " o Enumerate SMB shares " Write-Output " o Enumerate SMB shares "
Write-Output " o Enumerate SMB share permissions " Write-Output " o Enumerate SMB share permissions "
Write-Output " o Identify shares with potentially excessive privielges " Write-Output " o Identify shares with potentially excessive privielges "
Write-Output " o Identify shares that provide reads & write access " Write-Output " o Identify shares that provide read or write access "
Write-Output " o Identify shares thare are high risk " Write-Output " o Identify shares thare are high risk "
Write-Output " o Identify common share owners, names, & directory listings " Write-Output " o Identify common share owners, names, & directory listings "
Write-Output " o Generate last written & last accessed timelines " Write-Output " o Generate last written & last accessed timelines "
@ -1607,7 +1607,8 @@ function Invoke-HuntSMBShares
$ComputerBar = $ShareNameBars.ComputerBar $ComputerBar = $ShareNameBars.ComputerBar
$ShareBar = $ShareNameBars.ShareBar $ShareBar = $ShareNameBars.ShareBar
$AclBar = $ShareNameBars.AclBar $AclBar = $ShareNameBars.AclBar
$ShareFolderGroupList = $ExcessiveSharePrivs|where sharename -like "$ShareName" | select filelistgroup -Unique | select filelistgroup -ExpandProperty filelistgroup #$ShareFolderGroupList = $ExcessiveSharePrivs | where sharename -like "$ShareName" | select filelistgroup -Unique | select filelistgroup -ExpandProperty filelistgroup
$ShareFolderGroupList = $ExcessiveSharePrivs | where sharename -EQ "$ShareName" | Group-Object FileListGroup | sort count -Descending | select count, name | foreach { $fdcount = $_.count; $fdname = $_.name;Write-Output "$fdcount $fdname<Br>"}
$ThisRow = @" $ThisRow = @"
<tr> <tr>
<td> <td>